Espinoza was born with an incomplete hand. In 1996, he started working for the county probations department. In 2006, a co-worker started two independent blogs, including one called “Keeping the Peace.” Pseudonymous commenters quickly used the blog to launch a cyberattack against Espinoza, with multiple co-workers criticizing and mocking Espinoza’s hand, managerial style and other work-related issues. (Espinoza wasn’t the only probation employee attacked on the blog). Espinoza also alleged numerous offline incidents of harassment at the workplace, and he repeatedly reported the situation to management. The local managers took some steps to remediate the online harassment, but it appears those steps weren’t pursued zealously and weren’t effective. Espinoza sued the county for disability harassment (among other things), and a jury awarded him over $800k.

The county appealed on several grounds, including:

* the blog posts were “conduct outside the workplace.” In addition to the fact that harassing behavior took place onsite, the court says:

Employees accessed the blog on workplace computers as revealed by defendant’s own investigation. The postings referred both directly and indirectly to plaintiff, who was specifically named in at least some of them, and the postings discussed work-related issues. It was reasonable for the jury to infer the derogatory blogs were made by coworkers. Management sent two e-mails to employees directing they discontinue posting the improper comments on the blog. This suggests the administrators believed employees were posting. That none of the individual defendants was found liable for harassment does not overcome the other evidence of employee harassment. And that some of the blog postings were directed against the probation department and its management does not somehow offset the comments made about plaintiff.

This raises the same issue as the cases dealing with schools disciplining students for online behavior. See, e.g., 1, 2, 3, 4, 5, 6. However, I’m not sure I understand the onsite/offsite line being drawn by this court, and it’s navigating some tricky issues. Clearly employers can’t be automatically liable for online activity between employees, and in particular, government employers can’t restrict an employee’s speech outside the office. For a discussion about this in the context of private employers, see Venkat’s post “Private Employers and Employee Facebook Gaffes [Revisited].”

This case seems a little clearer-cut than that. As the opinion spins it, the employer had a pervasive problem with intra-employee harassments both in and outside the office, and the employer didn’t try very hard to fix that pervasive problem. But notice two things: even if the employer had blocked blog log-ins at the office, it couldn’t regulate the out-of-office conduct; plus, none of the individual harassers were actually found guilty of harassment, so it’s not clear their blogging was “illegal” content. As a result, the employer could not have cracked down on the employees’ out-of-office conduct without risking a suit from the targeted employees. I’m not exactly sure what the court wanted the county to do about the offsite blog, and it’s too bad the court didn’t expressly acknowledge the employer’s obvious dilemma.

* blog evidence should have been suppressed. In particular, the county argued that blog posts unrelated to Espinoza should have been excluded because those posts were “vulgar and disgusting.” The court disagreed because the corpus of posts was sufficient relevant and not unfairly prejudicial.

* 47 USC 230. The county claimed that 47 USC 230 preempts the workplace disability harassment claim. Although part of the harassment claim was based on blog activity and allowing employees to access the blog from the workplace, the court concludes that “defendant’s breach was not based on its employees’ use of their work computers but on its own failure to investigate and resolve the problem.” The court later reminds us that the “plaintiff does not seek to hold defendant liable for the actual blog postings, either directly or vicariously.”

The court discusses the quirky Delfino v. Agilent case, where a prior California appeals court held that 47 USC 230 immunized an employer for providing Internet access to an employee who cyber-threatened third parties. The court distinguishes the case because in Delfino:

the plaintiffs were strangers, never employees of the defendant, and did not sue under FEHA, which imposes additional duties on an employer to protect an employee.. [and] the defendants had not ratified his acts and had no respondeat superior liability

On the plus side, it’s good to see that employment lawyers addressing 47 USC 230. On the minus side, 47 USC 230 wasn’t designed to address employer-employee lawsuits, so it will often be a stretch in those cases.

UPDATE: Molly DiBianca of the Delaware Employment Blog emailed me to explain that, in some cases, employers can (and perhaps must) discipline or terminate employees for off-duty conduct. This blog post provides some support for that claim.